app.py
from flask import Flask, redirect, request, url_for
from flask_login import LoginManager, login_user, logout_user, login_required, UserMixin, current_user
app = Flask(__name__)
app.secret_key = 'super secret string' # Change this!
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login" # 未ログイン時にprotectedにアクセスするとリダイレクト
# Our mock database.
users = {'foo@bar.tld': {'password': 'secret'}}
class User(UserMixin):
pass
@login_manager.user_loader
def user_loader(email):
if email not in users:
return
user = User()
user.id = email
return user
@login_manager.request_loader
def request_loader(req):
email = req.form.get('email')
if email not in users:
return
user = User()
user.id = email
return user
@app.route('/')
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'GET':
return '''
<form action='login' method='POST'>
<input type='text' name='email' id='email' placeholder='email'/>
<input type='password' name='password' id='password' placeholder='password'/>
<input type='submit' name='submit'/>
</form>
'''
email = request.form['email']
if request.form['password'] == users[email]['password']:
user = User()
user.id = email
login_user(user)
return redirect(url_for("protected"))
return 'Bad login'
@app.route('/protected')
@login_required
def protected():
return f'''
Logged in as: {current_user.id} <a href='logout'>logout</a>
'''
@app.route('/logout')
def logout():
logout_user()
return f'''
Logged out
<a href='login'>login</a>
'''
if __name__ == '__main__':
app.run(debug=True)